I have a cleint getting hit with a lot of NDR spam / NDR spoofing lately. The CEO got hit with 1000 in one day!
I've been looking at ways of blocking NDR spam, but so far nothing seems like it will work for sure.
At this point I just want to turn off all incoming NDR messages. I realize that this will block legit NDR notices when an internal user mistypes an address. For now it's the lesser of the evils.
I can't seem to find out how to do this. We are using Windows Small Business Server 2003 SP2 with Exchange 2003 SP2 and Symantec Mail Security for Exchange 5. We are thinking of movig to Symantec Hosted Mail Security or Postini.
I've read somewhere that blocking NDR's can get you blacklisted. Is this true? Seems strange if so.
People have mentioned using SPF records, but the effectivness will be based on how many external companies are checking SPF. I get the feel its under 50% meaning it will not do much good.
I did find this spam applaince and talked tech support. It appears this would work to block NDR spam, but the appliance is $2000 and licenses are $1300 a yr making it to expensive for a company of 10 people.